Wei Shen wrote:
> Hi,
>> On 8/2/07, *Marcus Voelp* <voelp at os.inf.tu-dresden.de> <mailto:voelp at os.inf.tu-dresden.de>> wrote:
>> L4.sec is (and probably will be for quite some time) an experiment
> that
> is still worked on in our group. Mainly due to maintenance and
> support
> issues the sources have not been officially released yet. Our roadmap
> regarding L4.sec is to continue experimenting with capabilities
> and user controlled kernel memory management. Some of the results
> we already integrated into the Fiasco kernel, which is our
> mainstream kernel as for now. These include kernel memory quotas,
> security monitor style IPC permissions (though no local names yet).
>>> What does "security monitor style IPC permissions" mean? Can it be
> found in current Fiasco release?
Yes, although documentation lacks behind a little bit. Check the IPCMon
package in the OpenTC Snapshot for an example how to use it these kernel
features. Primarily you can restrict the tasks to which a given task may
send IPC.
>> Others are likely to be integrated in some form in the Nova
> microhypervisor, which we are currently developing in the course
> of the Robin project.
>>> Where can I find information about Nova and Robin? Are there any
> English documentation?
http://robin.tudos.org/
See the Executive summary for a progress report on Robin. A
specification of Robin will be released latest in Mai 2008.
Best regards
Marcus
--
Marcus Völp
Technische Universität Dresden
Department of Computer Science
Institute for System Architecture
Tel: +49 (351) 463 38350
Fax: +49 (351) 463 38284
Email: voelp at os.inf.tu-dresden.de
Web: http://os.inf.tu-dresden.de/~voelp